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PREFACE 



How To Use This Guide 



Sharelt FTP Pro vs Sharelt FTP Lite 

Sharelt FTP is available in two different versions: Sharelt FTP Pro and Sharelt FTP 
Lite. The professional version of the software is geared towards enterprise and 
industrial applications and includes SSL/TLS support. Sharelt FTP Lite is designed 
for SOHO and individual users and does not include the SSL/TLS features and 
tools found in the professional version. Both products are referred to as 'Sharelt 
FTP' in this guide. 



What's Included In This Guide 

This guide describes the procedures to install and configure Sharelt FTP, monitor 
servers and do any other day-to-day administrative tasks. 

• Chapter 1, "Sharelt FTP Overview," highlights the major features of Sharelt 
FTP. 

• Chapter 2, "System Requirements," details the minimum hardware specifica- 
tions necessary to run Sharelt FTP. 

• Chapter 3, "Installing Sharelt FTP," describes the processes of installing and 
uninstalling Sharelt FTP. 
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How To Use This Guide 



• Chapter 4, "Configuring Sharelt FTP," covers set up and customizing of Sharelt 
FTP, including user accounts, security features and registration information. 

• Chapter 5, "Running Sharelt FTP," tells you how to start and stop the FTP ser- 
vice. 

• Chapter 6, "Technical Notes," details the protocol and command support in Sha- 
relt FTP. 



Using This Guide 

Review the first chapter to acquaint yourself with the features that Sharelt FTP pro- 
vides. 

Then read any chapter that's about configuration or management functions that you 
are unfamiliar with. Each chapter includes an overview of how the components 
work, what it can do for you, strategies for using it, how to set it up and how to 
administer it over time. 

Some chapters end with a section called "Where To Find More Information." This 
section points you to the Web sites and other reference material containing more 
information about the component. 



Getting Additional Information 

In addition to this document, you will find information about Sharelt FTP in: 

• The product and support pages at http://www.nsctech.com. 

• READ ME files in the Sharelt FTP distribution. 

• On screen help within the FTP Console application. 
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CHAPTER 1 Sharelt FTP Overview 



Sharelt FTP enables computers to transfer files over your network or the Internet. It 
supports the latest File Transfer Protocol (FTP) features found in most web brows- 
ers and FTP client applications and provides security extensions to protect your 
information. The software is suited to transferring large database, medical, archive, 
scientific and multimedia files. 



SSL/TLS Support (Pro version) 

Sharelt FTP uses the same security technology that is found in e-commerce web- 
sites to protect confidential documents. Secure Sockets Layer (SSL) and Transport 
Layer Security (TLS) lets you send encrypted, authenticated information across the 
Internet. 



Embedded and Wireless FTP Server 

Sharelt FTP was designed from the ground up for stability, performance and 
interoperability. The software runs in the "background" on your device and 
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employs proprietary networking technology that allows up to 64 connections with- 
out degrading system performance. 



Enhanced Server Security 

Sharelt FTP is equipped with features to detect and prevent well known network 
attacks. The software includes user privileges, time-delays, random port assign- 
ments and more. 



Real-time Monitoring 

You can view user, download and network statistics of your FTP server in real- 
time. 



Boost Your Bandwidth With 'MODE Z' 

Get more files, faster. Sharelt FTP supports deflate transmission mode (also known 
as MODE Z) which is designed to increase network throughput and decrease trans- 
fer times by compressing file and system data. This feature benefits users and orga- 
nizations who pay for connection time or bandwidth usage. 



Manage Users and Access Rights 

Sharelt FTP lets you add up to 256 users, so you can configure who may access 
your device and how they can use it. 
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Error Recovery And Restart Features 



Error Recovery And Restart Features 

To help users cope with unreliable network enviornments, Sharelt FTP supports 
restartable file transfer operations. This feature saves the time and money involved 
in resending files. 



Firewall Friendly 

Firewalls restrict access to your network and impose many restrictions on the web 
services behind them. Sharelt FTP lets you to configure the protocol and the TCP/ 
IP operation of your FTP server. 



Easy Configuration 

No complicated scripts or programming required. Just "point and tap" to set up 
your FTP server. 



Where To Find More Information 

Request for Comments (RFC) documents provide an overview of a protocol or ser- 
vice and details about how the protocol should work. If you are a new system 
administrator, you will probably find some of the background information in an 
RFC helpful. Experienced administrators can find the technical details of a protocol 
in these documents. You can search for RFC documents by number at this Web site: 

http ://www. faqs.org/rfc 

For details about FTP, see RFC 959. 
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CHAPTER 2 System Requirements 



The minimum requirements your device needs to run Sharelt FTP are: 

• A 200Mhz ARM or XScale processor. 

• 16MB RAM (256KB per FTP client). 

• 1MB of storage; 8MB or more recommended. 

• Microsoft Pocket PC 2000/2002/2003 operating system. 

• A TCP/IP network connection. 

• External storage devices and memory cards are supported. 
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CHAPTER 3 Installing Sharelt FTP 



This chapter describes the procedures to install and uninstall Sharelt FTP. 

NOTE: If you have purchased Sharelt FTP from an on-line distributor, print out 
your receipt and make a back-up copy of the software. 

Installing 

Perform the following steps to install Sharelt FTP: 

1. Open Microsoft Windows Explorer (Start > Programs > Accessories > Win- 
dows Explorer) on your desktop computer. 

2. Double-click the Setup.exe icon located in the Sharelt FTP folder. 

3. Click Install. 

4. Read the license agreement carefully. If you agree to the terms, click Accept to 
launch Microsoft ActiveSync. 

5. Follow the on-screen instructions. 

You can also install Sharelt FTP on your device: 

1. Copy or download the ShareItFTP.PPC3_ARM.CAB file to your device. 

1. Open Microsoft File Explorer (Start > Programs > File Explorer). 

2. Locate and tap the Sharelt FTP .CAB file (specified above). 
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3. Follow the on-screen instructions. 
Uninstalling 

Perform the following steps to uninstall Sharelt FTP: 

1. If Sharelt FTP is running on your device, exit the server (see "Running Sharelt 
FTP" section). 

2. Open Microsoft ActiveSync on your desktop computer. 

3. Select the Add/Remove Programs options in the Tools menu. 

4. Select Noisette Software Sharelt FTP in the application list. 

5. Click the Remove button. 

6. Follow the on-screen instructions. 
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CHAPTER 4 Configuring Sharelt FTP 



Before You Start 

Consider the type of information you need to share and who your users are. For 
example, guest (anonymous) users pose a security risk because you open your 
server to people you do not know. The access and privileges you set for the files 
and folders on your FTP server are the most important way you can keep informa- 
tion safe. 



Configuring Secure Communications (Pro version) 
SSL/TLS Background 

The Secure Sockets Layer (SSL) protocol is designed to secure and authenticate 
communications over the Internet. It uses a public-and-private key encryption sys- 
tem, which involves the use of a digital certificate from a "trusted" source. SSL has 
recently been succeeded by the Transport Layer Security (TLS) protocol, which is 
based on SSL. TLS uses the same cryptographic methods as SSL but supports 
stronger (168-bit 3DES vs 128-bit) algorithms. 
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The most important part of SSL is the digital certificate, a piece of data that 
includes a public key and other interesting information, such as the owner of the 
certificate, it's expiration date, and the fully qualified domain name associated with 
the server. It is up to the client to either accept or reject the server's certificate. In 
the case of FTP, many client applications will simply prompt you to read and accept 
the certificate, others may use an elaborate verification process. If the client rejects 
the certificate, secure communications cannot take place. 



Configuring Your Firewall 

If you are going to use Sharelt FTP with a firewall, you should consult your net- 
work administrator and decide on your FTP policies. This includes: 

• Select the internal IP address for your FTP server. 

• Choose a FTP service port (default 21). 

• Note the data port range (fixed 1500 to 2000) for incoming connections. 

The firewall rules will have to be updated to reflect the network configuration you 
agree on. 

Sharelt FTP includes a compatibility feature called "Fix IP Address" which you 
should be familiar with. Many firewall and routing devices do not examine the 
FTP commands and remap the internal/external network addresses. To resolve the 
addressing problem, Sharelt FTP lets you specify an external IP address which will 
be used in FTP commands. 



Configuring Your FTP Server 

To configure your FTP server: 

1. Start Sharelt FTP (Start > Programs > ShareltFTP). The application will 
launch and dock in the system tray (small gray computer icon). 

2. Open the status screen (Start >Today > System Tray > ShareltFTP). 

3. Shutdown the FTP service by choosing the Stop option in the Server menu. 

4. Select the Settings option in the Tools menu. 
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Step 1: Configure System Settings 



Step 1: Configure System Settings 



The System settings page lets you specify your FTP server's network address, max- 
imum number of connections and login restrictions. 
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Directory - 

Root : 



\My Documents\ 



Connection - 



Users 



16 



(Max, 64) 



Port : 21 



Timeout - 

Inactivity 

300 



Login 



sees 



retries 



System 


Users 


Network 


IP Access 


Misc. 




Server Tools Help H 


M. 



1. Root directory. Enter the "root" folder for your FTP server. This location will 
appear as the top ('/') folder to FTP clients; and any new files and folders will be 
stored here. 

2. Maximum number of users. Enter the maximum number of FTP connections 
(up to 64). 

3. TCP Port. Enter a port (default 21) between 1 and 65,535. Note that ports 
under 1,024 are reserved for other Internet and system services. Your FTP 
server may fail to start if it is conflicting with another application. 

4. Inactivity timeout. Enter the maximum amount of time a connection can 
remain idle before the FTP server closes it. The recommended minimum value 
is 300 seconds. 

5. Maximum login attempts. Enter the number of invalid login attempts before 
the FTP server closes the connection. The recommended value is 3. 
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Step 2: Configure User Settings 



The Users settings let you create FTP user accounts and configure anonymous FTP 
access. 



Sharelt FTP 



Profiles - 



10:29a @) 




New 



Edit 



Delete 



Anonymous 

0 Allow 'anonymous' user 
Perm. : @W 00 0D 0R 



System 


Users 


Network 


IP Access 


Misc. 




Server Tools Help H 





How To Create A New FTP User 
1. Tap the New button. 
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Step 2: Configure User Settings 



2. Edit the user profile. Enter the usemame, password and permissions. 
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Id 



User 
Passwd 



auser 



abc 



Privileges 

0 Write (MKD/STOR/STOU/APPE) 
0 Overwrite (STOR/APPE) 
0 Delete (RMD/DELE) 
0 Rename (RNFR/RNTO) 



Cancel 




3. Tap the OK button to save your changes. 

How To Delete A FTP User 

1. Select the user profile you want to delete. 

2. Tap the Delete button. 

How To Edit A FTP User 

1. Select the user profile you want to edit. 

2. Tap the Edit button. 

3. Update the username, password and permissions. (See image in "How To Cre- 
ate A New FTP User"). 

4. Tap the OK button to save your changes. 
Configure Anonymous Users 
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1. Allow anonymous user. Check this option if you want to allow guest users. 

2. Enable permissions. If you have enabled anonymous FTP access, check the 
write, overwrite, delete and rename permissions. These options let you control 
how guest users can use your FTP server. 



Step 3: Configure Network Settings 

The Network settings lets you configure firewall options. 
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Firewall Options 

□ Fix IP Address 

Enter the external IP address that 
maps to your FTP server: 



i-0 Enable 'deflate' mode 

Compress Memory Window 
Min. -p-P-,- Min. 



9 



Max. 



Max. - rh 



System 


Users 


Network 


IP Access 


Misc. 




Server Tools Help H 





1. Fix IP address. Check this option if you want your FTP server to be accessible 
from an external network. For example, if your server is part of a private net- 
work (ie. 192.168.XXX.XXX or 10.100.XXX.XXX) you need to enter a 
routable IP address that can be forwarded to your computer. 

2. External IP address. If you have enabled the fix IP option, enter the external IP 
address (firewall or router) for your FTP server. The external IP address will be 
used for FTP commands like PASV. 
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Configure Transmission Mode Settings 

The transmission mode settings lets you configure support for the FTP 'deflate' 
extension (MODE Z) that can be used to compress system (for example, LIST and 
other commands) and file data. 

Deflate transmission mode is a proposed standard, developed by NSC and other 
Internet Engineering Task Force (IETF) FTP Working Group members, designed to 
increase network throughput and decrease transfer times using the same compres- 
sion technology found in ZIP utilities. The specification is currently described in an 
Internet Draft and should become a standard feature in FTP software over the next 
few years. 

The new transmission mode offers several benefits to users and administrators: 

• Significant network savings can be found in common file formats and system 
data (see the chart below). 

DEFLATE TRANSMISSION MODE (MODE Z) 





i 






re* 






.HTM/.XML 






I* 






FTP US J 


















.PSD (Photoshop) 








1 r ' 





m zmi -kpo wi m<, wi 

Bandwidth savings ("A) 



• Users and specialized FTP installations do not have to rely on external compres- 
sion utilities to reduce application data. 

• In secure FTP sessions, the load on the client and server is reduced because less 
data has to be encrypted/decrypted and fewer secure renegotiations are required. 
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• Users and organizations who have limited network resources or pay for connec- 
tion time/bandwidth usage can save money on their Internet costs. 

Sharelt FTP lets you tune the compression parameters so you can balance the net- 
work, processor and memory demands on your FTP server. It is recommended that 
you use this feature with the bandwidth throttle (see "Configure Advanced Network 
Settings") to distribute the load across all FTP connections. 

1. Deflate mode. Check this option if you want to enable compressed data trans- 
fers. 

2. Compression level. Set the compression level that balances the following pro- 
cessor and data requirements: 



LEVEL 


DESCRIPTION 


CPU REQ. 


None 


No compression. Input data is copied into 


Low 




blocks, but includes integrity checks. 




Fast 


Best speed with compression. 


Medium 


Maximum 


Best compression. 


High 



3. Memory level. This parameter specifies how much memory should be allocated 
for internal compression operations. Set the level that balances your memory 
and speed requirements: 



LEVEL 


DESCRIPTION 


MEM REQ. 


Minimum 


Uses minimum memory but is slow and 
reduces the compression ratio. 


Low 


Medium 


Average memory and speed. 


Medium 


Maximum 


Uses maximum memory (approximately 
300K per connection) for optimal speed. 


High 
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4. Window size. This parameter controls the size of the "history buffer." Larger 
values result in better compression at the expense of memory usage. Select a 
value that fits your compression requirements: 



LEVEL 


DESCRIPTION 


MEM REQ. 


Small 


Minimum compression. 


Low 


Medium 


Medium compression. 


Medium 


Large 


Best compression. 


High 



Step 4: Configure IP Access Settings 

The IP Access settings let you control access to your FTP server by filtering net- 
work addresses. When a computer connects to your server, Sharelt FTP will scan 
the the Access Control List (ACL) and accept or reject the connection. 

The IP Access feature is ideal for academic and small (or home) business, but other 
organizations should invest in a firewall package to exercise a finer degree of con- 
trol over their servers. 
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Configure IP Rules 



Sharelt FTP 



10:59a @) 



Select the default access 
#(..'=•] control policy: 

O Accept (§) Deny 

Filter the following addresses : 



IP address 


Subnet mask 


192.168.1.0 


255.255.255.0 


< 1 " 


II ► 



Add 



Delete 



System 


Users 


Network 


IP Access 


Misc, 




Server Tools 


Help 









1. Access control policy. Select the default access control policy for your FTP 
server. If you are already behind a firewall, you will probably want to leave this 
option as 'Accept' and move onto the next section. 

2. Add rule. Click the Add button to create a new Access Control List entry. 
Enter the address or range and subnet mask. 

3. Delete rule. Select the rule you want to discard and click the Delete button. 



Examples 

Suppose you want to deny all connections except those from your internal company 
network (192. 168.1. XXX): 

• Set 'Deny' as your default Access Control Policy. 

• Click the Add button and enter 192. 168.1.0 as the IP address and 255.255.255.0 
as the Subnet mask. 
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Now only computers with a network address in the range of 192.168.1.1 to 
192.168.1.255 will have access to your FTP server. 

In the next example, suppose you want to allow all connections except one from a 
hostile user (24.64.112.240): 

• Set 'Accept' as your default Access Control Policy. 

• Click the Add button and enter 24.64. 1 12.240 as the IP address and 
255.255.255.255 as the Subnet mask. 



Now you have banned exactly one IP address. 



Step 5: Configure Security Settings (Pro version) 

The Security settings lets you create certificates and configure the SSL/TLS sys- 
tem. 



r-0 Enable SSL/TLS - 



Enter or create a 
certificate for this server. 



Certificate filename 



\Program Files\ShareIt FTP\ppcCert 



Private key filename 



\Program Files\ShareIt FTP\ppcCert 



Passphrase 



Reset 



Create. 



Users 


Metwork 


IP Access 


Security 


"Ml ► 


Server Tools Help H 


jk. 
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1. Enable SSL/TLS. Tap this option if you want to use SSL and TLS security on 
your FTP server. If you have disabled this feature, you can skip the remaining 
steps and move on to the "Configure Miscellaneous Settings" section. 

If you do not have a certificate, Sharelt FTP can generate a "self-signed" certificate 
for you. See the "Generating A Self-Signed Certificate" and "Obtaining An SSL 
Certificate From A Certificate Authority" sections below. 

2. Certificate filename. Enter the name and location of your server certificate file 
(.crt). 

3. Private key filename. Enter the name and location of your server's private key 
file (.key). 

4. Passphrase. Enter the passphrase associated with your private key. 

5. Reset. Tap this button to reset the certificate, key and passphrase fields. 

6. Create. Tap this button to create a "self-signed" certificate. 



Generating A "Self-Signed" Certificate 



Name : 



ppcCert 
Passphrase : 



p@l%&gd- 



Valid 



365 



days 



Next >> 



Cancel 



123 J 


L 2 


3 


4 


5 


6 


7 


8 


9 


0 








Tab 


q 


w 


e 


r 


t 


y 


u 




□ 


P 


[ 


] 


CAP 


a 


s 


d 


f 


g 


b 


j 


k 


1 


f 






Shif 


t z 


X 


c 


V 


b 


n 


m 


f 




i 




Ctl 


au 




\ 






t 


«- 
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1. Name. Enter a name for your certificate files. These items will be stored in your 
Sharelt FTP folder (ie. \My Device\Program Files\ShareIt FTP). 

2. Passphrase. Enter the passphrase for your certificate. We suggest using a com- 
bination of 8 (minimum) letters and numbers which are non-obvious. 

3. Expiry date. Enter the number of days (minimum 30 recommended) you want 
the certificate to remain valid. Note that many FTP clients will reject expired 
certificates. 

4. Next. Tap the Next button to continue the certificate creation process. 



Org. 

Cmn Name 
Email* 
State/ Prov. 
Country 



ACME 



Unit* : test 



www.acme.com 



admin@acme.com 



NY City* 



NY 



US 



optional 



Finished 



Cancel 



123 J 


L 2 


3 


4 


5 


6 


7 


8 


9 


0 








Tab 


q 


w 


e 


r 


t 


y 


u 




□ 


P 


[ 


] 


CAP 


a 


s 


d 


f 


g 


b 


j 


k 


1 


f 






Shif 


t z 


X 


c 


V 


b 


n 


m 


f 




i 




Ctl 


au 




\ 




4. 


t 













5. Organization. Enter the organization to which your domain name is registered. 

6. Organization unit. Enter the name of your department or division. 

7. Common name. Your FTP server's DNS name, such as ftp.mycompany.com. 

8. Email address. The email address of the certificate's contact person. 

9. State or province. The locality of your organization. 

10. City. The city in which your organization is located. 

11. Country. The two letter country code for your organization. 
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12. Tap the Finished button to generate the certificate and continue configuring 
Sharelt FTP. 

Obtaining An SSL Certificate From A Certificate Authority 

Sharelt FTP includes the capability to generate a "self-signed" certificate which can 
be used to secure communications, but many organizations require certificates to 
come from a Certificate Authority (CA) like Verisign ( http://www.verisign.com ). 

Commercial CAs 

For more information about commercial CAs have a look at the following loca- 
tions: 

• Verisign, http://www.verisign.com 

• Thawte, http://www.thawte.com 

• CertiSign Certificadora Digital Ltda., http://www.certisign.com.br 

• IKS GmbH, http://www.iks-jena.de 

• Uptime Commerce Ltd., http://www.uptimecommerce.com 

• BelSign NV/SA, http://www.belsign.be 

NOTE: Most CA's do not give explicit details about how to generate a certificate 
request (CSR) for FTP servers. Fortunately, Sharelt FTP uses the highly regarded 
OpenSSL package and is compatible with the Apache (web server software) 
mod_ssl procedures. If you are having problems obtaining a certificate from a CA, 
contact support&nsctech. com . 
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Step 6: Configure Miscellaneous Settings 



The Miscellaneous settings let you enter administrator and welcome message infor- 
mation. 



3. 



Sharelt FTP 



Administrator 

Email 



4:24p @) 



root@domain.com 



Welcome Message 

Path 



\My Docurnents\Welcom 



NOTE: this file must be in ASCII text 
format. 



Power Save Scheme - 



Keep alive for active users 



Use standard settings 
Device is always on 



5J 



System 


Users 


Network 


IP Access 


Misc. J 


Server Tools Help H 


A. 



1. Administrator email address. Enter the contact email address for your server. 
This information is displayed in the STAT command. 

2. Enter welcome banner filename. If you want to display a welcome message to 
FTP users, enter the name of a plain text file. Leave this field blank if you do not 
want to use this option. 

Select power save scheme. This feature helps battery powered devices provide 
better FTP service by bypassing device power saving options. Select an option 
that suits your needs. 



How To Automatically Start Sharelt FTP 

To configure Sharelt FTP to automatically start when your device is powered on: 
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1. Open File Explorer (Start > Programs). 

2. Navigate to the Programs folder (My Device > Windows > Start Menu). 

3. Bring up the keyboard (lower right on your device). 

4. Tap the Ctl button. 

5. Locate and select the Sharelt FTP icon/shortcut. 

6. Tap the Ctl button, followed by the c key. This is the Copy sequence. 

7. Navigate to the StartUp folder (My Device > Windows). 

8. Tap the Ctl button, followed by the v key. This is the Paste command. 

9. Restart your device. 



Where To Find More Information 

If you require more information about secure network communications, there is a 
variety of books available from O'Reilly & Associates. See the Network Security 
With OpenSSL book (ISBN 0-596-00270-X) for an in-depth discussion on the bene- 
fits of using a CA. 

For more information on administering and configuring web services, see Running 
Microsoft Internet Information Server (ISBN 1-57231-585-7) from Microsoft 
Press. 

The latest SSL 3.0 specification, an Internet Draft dated November 1996, can be 
viewed at: http://wp.netscape.com/eng/ssl3/draft302.txt. 
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CHAPTER 5 Running Sharelt FTP 



In this next section, we will examine how to manually control the FTP service so 
that you can perform routine maintenance on your device. 



Starting The FTP Service 

1. Start Sharelt FTP (Start > Programs > ShareltFTP). The application will 
launch and dock in the system tray. If you want to view FTP activity, see the 
next section. 

If the FTP service is stopped, you can manually start/resume by: 

2. Selecting the Start option in the Server menu. 
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Viewing FTP Service Activity 



You can view server statistics and user activity through the Sharelt FTP status 
screen: 



r Activity - 192.168.1.25:21 

Uptime : 7 01:45:22 d h:m:s 
Sessions : 4/21 curr/tot 
Xfers : 304/148 up/dn 
Sent : 1.70 Mb 

Recvd : 8.25 Mb 





User 


Tinne 


Up/Dl 


Cmd 


Q userOan... 
(8) IEUser@i... 
Q usergian... 
Q usergian... 


0 
0 
5 
1 


0/2 
0/0 
98/68 
0/78 


RETR 
LIST 
PASV 
CWD/ 


< I in 






I ► 



Server Tools Help 



1. Open the Microsoft Today application (Start > Today). 
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Stopping The FTP Service 



2. Tap the Sharelt FTP icon in the system tray. See screenshot (below). 




|i] Tap here to set owner information 



^1 No upcoming appointments 

£3 No unread messages 
No unsent messages 



[?] No tasks 



Tap here to open the status screen 




3. If you want to hide the Sharelt FTP status screen, select the Hide Window 
option in the Server menu. 



Stopping The FTP Service 

Sharelt FTP can be manually stopped by performing one of the following opera- 
tions: 

1. Selecting the Stop option in the Server menu. 

2. Choosing the Exit option in the Server menu. 

To restart the FTP service, use one of the start FTP service options (above). 
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CHAPTER 6 Technical Notes 



This section contains advanced system and protocol details for Sharelt FTP. 



File Modification Time (MDTM) Command 

Sharelt FTP implements the MDTM command as specified in the draft-ietf-ftpext- 
mlst-16 document. However, the server also supports the widely accepted "set" 
time option: 

MDTM <sp> timeval <sp> pathname <CRLF> 

The server-PI will respond to the MDTM command with a 213 reply giving the 
new modification time of the file. 550 represents an error in the timeval, pathname 
or access to the file; 553 is returned when the user does not have write permissions. 



ASCII Representation Type 

When the user-PI sets ASCII representation type (TYPE A), Sharelt FTP will trans- 
late the newline characters (LF = '\n') to the correct CRLF sequence. The benefit of 
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this feature is that Sharelt FTP can be used to convert text files from other operating 
systems (for example, UNIX) to the native Windows format. However, users and 
administrators should note that the size of the file on the destination system will be 
larger than that of the source. 

NOTE: The server will not alter existing CRLF formatting. For more information, 
see RFC 959 section 3.1.1.1. 



Telnet Protocol Notes 

Sharelt FTP emulates the Synch signal behavior specified in RFC 854 (page 7). 
The software ignores the TCP Urgent flag and scans the incoming data for the DM 
(Data Mark) flag. When the flag is seen, only "interesting" control functions will be 
executed and TELNET data up to the DM is ignored. See description below for 
more detail on the TCP Urgent flag: 

[Winsock documentation] 2.2.3 Out-of-band data 

Note: The following discussion of out-of-band data, also referred to as TCP 
Urgent data, follows the model used in the Berkeley software distribution. Users 
and implementors should be aware of the fact that there are at present two conflict- 
ing interpretations of RFC 793 (in which the concept is introduced), and that the 
implementation of out-of-band data in the Berkeley Software Distribution does not 
conform to the Host Requirements laid down in RFC 1122. To minimize interoper- 
ability problems, applications writers are advised not to use out-of-band data 
unless this is required in order to intemperate with an existing service. Windows 
Sockets suppliers are urged to document the out-of-band semantics (BSD or RFC 
1122) which their product implements. It is beyond the scope of this specification 
to mandate a particular set of semantics for out-of-band data handling... 



Port Range 

Sharelt FTP uses the TCP ports between 1500 and 2000 for data connections. If 
your FTP server is behind a firewall, you should update the network rules to allow 
incoming traffic in this range. 



30 



Sharelt FTP User Guide 



Error Timeout 



Error Timeout 

If a user sends an invalid or unsupported command, Sharelt FTP will wait 3 sec- 
onds before it will process the next request. The purpose of this feature is to slow 
down certain types of network attacks. 



Maximum Connections From Same IP 

Sharelt FTP imposes a four (4) connection limit from the same TCP/IP address. 



OpenSSL (Pro version) 

Sharelt FTP employs the OpenSSL suite to implement Secure Sockets Layer (SSL 
v2/v3) and Transport Layer Security (TLS vl) functionality. This software is a 
comphrensive 'open source' solution that meets the security requirements of CERT 
and other international organizations. For more information, see the OpenSSL web- 
site: http://www.openssl.org. 



MD5 Command 

MD5 (Message Digest Algorithm #5) is a secure hashing function that converts an 
arbitrarily long data stream into a digital signature (or checksum). No two streams 
produce the same value which makes this technique ideal for comparing file infor- 
mation. If the checksums of two files match, the data has not been altered and the 
contents can be trusted. 

Sharelt FTP provides a method for calculating MD5 checksums with the following 
[extended] command: 

SITE <sp> MD5 <sp> filename <CRLF> 

The server-PI will respond to the request with a 200 reply giving the MD5 check- 
sum. 5XX errors are returned when the file does not exist, is the incorrect type or 
permission is denied. 
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The representation type (ASCII/binary) set during the FTP session influences the 
result of this command. CRLF mapping is performed in ASCII mode (see the 
'ASCII Representation Type" section in this chapter). 

The MD5 feature requires the user's FTP client software to support custom 
requests. Each package accomplishes this task in a different manner and some 
applications do not support this function. 
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APPENDIX A FTP Commands 



Standard Commands 


COMMAND 


DESCRIPTION/SYNTAX 


RFC 


LIST 


List file information in current/specified directory. Usage: 
LIST [<sp> pathname] <CRLF> 


959 


NLIST 


List file names. Usage: 

NLIST [<sp> pathname] <CRLF> 


959 


CWD/XCWD 


Change working directory. Usage: 

CWD/XCWD <sp> directory <CRLF> 


959 


CDUP/XCUP 


Change to parent directory. Usage: 
CDUP/XCUP <CRLF> 


959 


PORT 


Specify remote IP address for data transfer (server to client). 
Usage: 

PORT <sp> bO, bl, b2, b3, b4, b5 <CRLF> 


959 



PASV Passive data transfer (client to server). Usage: 959 

PASV <CRLF> 
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COMMAND 


DESCRIPTION/SYNTAX 


RFC 


TYPE 


Set representation type. Usage: 

TYPE <sp> [A 1 1 | L 8 | N | T | AN | AT] <CRLF> 


959 


ALLO 


Allocate storage space (ignored). Usage: 
AT T O <sn> filesi7e <CRT F> 


959 


STOR 


Store (upload) file. Usage: 

STOR <sn> filename <CRT F> 


959 


STOU 


Store unique file. The server will generate and return a file- 
name in the reply. 

STOU <CRLF> 


959 


APPE 


Append file. Usage: 

APPE <sp> filename <CRLF> 


959 


RETR 


Retrieve (download) file. Usage: 
RETR<sp> filename <CRLF> 


959 


PWD/XPWD 


Print working directory. Usage: 
PWD/XPWD <CRLF> 


959 


ABOR 


Stop current operation. Usage: 
ABOR <CRLF> 


959 


USER 


Set username. Usage: 

USER <sp> username <CRLF> 


959 


PASS 


Set password. Usage: 

PASS <sp> password <CRLF> 


959 


ACCT 


Set account (ignored). Usage: 

ACCT <sp> account-info <CRLF> 


959 


DELE 


Delete file. Usage: 

DELE <sp> filename <CRLF> 


959 


RMD/XRMD 


Remove directory. Usage: 

RMD/XRMD <sp> directory <CRLF> 


959 



MKD/XMKD Create directory. Usage: 959 
MKD/XMKD <sp> directory <CRLF> 
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Standard Commands 



COMMAND 


DESCRIPTION/SYNTAX 


RFC 


RNFR 


Rename from. Must be followed by RNTO command. Usage: 
RNFR <sp> filename <CRLF> 


959 


RNTO 


Rename to. Usage: 

RNTO <sp> filename <CRLF> 


959 


SYST 


System command. Return host operating system informa- 
tion. Usage: 

SYST <CRLF> 


959 


MODE 


Set transmission mode. Usage: 
MODE <sp> [S | Z] <CRLF> 


959 


STRU 


Set file structure. Usage: 

STRU <sp> [F | R] <CRLF> 


959 


STAT 


Status. Return information about the current operation. 
Usage: 

STAT [<sp> pathname] <CRLF> 


959 


REIN 


Reinitialize. This command terminates a user, flushing all 
IO. Usage: 

REIN <CRLF> 


959/ 
EXT 


MDTM 


Set/get file modification time. Usage: 
MDTM <sp> pathname <CRLF> 

and 

MDTM <sp> timevalue <sp> pathname <CRLF> 


EXT 


SIZE 


Return the size of a file (using current representation type). 
Usage: 

SIZE <sp> pathname <CRLF> 


EXT 


AUTH 


OCL dULllCllLlC-tlLlUll/ aC^UI 1 Ly lllCdltllllolll. KJ otliiC. 

AUTH <sp> [SSL | TLS] <CRLF> 


2228 


PBSZ 


Set protection buffer size. Usage: 
PBSZ <sp> size <CRLF> 


2228 


PROT 


Set data channel protection level. Usage: 
PROT <sp> [C [ P] <CRLF> 


2228 
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COMMAND 


DESCRIPTION/SYNTAX 


RFC 


ccc 


Clear command channel. Usage: 
CCC <CRLF> 


2228 


FEAT 


Feature command. Show server capabilities. Usage: 
FEAT <CRLF> 


2389 


OPTS 


Options command. Allows the client to set command behav- 
ior. Usage: 

OPTS <sp> command [<sp> options] <CRLF> 


2389 


SITE 


Site command. Access custom server features. Usage: 
SITE <sp> command [<sp> options] <CRLF> 


959 


HELP 


Display command and syntax information. Usage: 
HELP [<sp> command] <CRLF> 


959 


NOOP 


No operation. Usage: 
NOOP <CRLF> 


959 


EPRT 


Extended PORT command. Usage: 

EPRT <sp> <d><net-prt><d><net-addr><d><tcp-port><d> 


2428 


EPSV 


Extended PASV command. Usage: 
EPSV [<sp> ALL] <CRLF> 


2428 


QUIT 


Logout. Usage: 

QUIT <CRLF> 


959 
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Extended Commands 

The following commands are unqiue to Sharelt FTP and require the FTP client to 
send custom requests to the server (with the SITE feature). 

COMMAND DESCRIPTION/SYNTAX 

MD5 Calculate a MD5 checksum for a file. Usage: 

SITE <sp> MD5 <sp> filename <CRLF> 

NOTE: Representation type (ASCII/binary mode) influences 
the result of this command. 
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CHAPTER 8 Revision Notes 



Version 1.7 

• Sharelt FTP now available in two formats: Pro and Lite 

• Added SSL/TLS and RFC2228 (AUTH, PBSZ, PROT, CCC, etc.) support. 

• Added 'Security' configuration page; contains certificate and passphrase infor- 
mation. {Pro version) 

• Added certificate creation pages {Pro version) 

• Added UTF8 support. 

• Added MD5 extension. 

• Updated STAT command to display the security mechanism. 

• Updated PROT command: PROT without corresponding PBSZ is accepted after 
login. 

• Updated MODE Z to include header and CRC information. This change is 
reflected in http://www.ietf.org/internet-drafts/draft-preston-ftpext-deflate- 
02.txt. 

• Changed 'About' dialog to display version (Pro vs Lite) information. 
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Version 1.62 

• Fixed bug in STOR command that allowed users to upload to root folder. Files 
would not be visible or accessible. 

• Updated STAT command. Do not display administrator email address if the 
field is blank. 

• Fixed bug in deflate settings. Starting/ stopping the server and changing the 
MODE Z settings caused a crash. 



Version 1.61 

• Added power save options. These options help administrators configure the 
device to balance FTP availability and battery conservation. 

• Updated FTP server settings option; the system will prompt the administrator to 
stop the server before editing. 



Version 1.6 

• Added deflate transmission mode. 

• Update network config settings pages. 

• Updated version number and welcome message to 1.6. 

• Added new IP access settings pages. 

• Added access control list (ACL) functionality for security configuration. 

• Updated system setting pages; new icon and layout. 

• Updated user setting pages; new icon and layout. 

• Fixed timeout bug; prevents no data network attack. 

• Network and performance improvements. 

• Root folder is now accessed through the "pub" folder. This change is part of an 
initiative to add FTP share points to the Pocket PC version of Sharelt FTP. 

• Updated rename/move functionality. Sharelt FTP will return an error when the 
user attempts to rename and move files. 
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Version 1.6 



• New RNTO reply. The server will reply to error code 550 if the folder is pro- 
tected (ie. "pub"). 

• Updated installer. Fixed PPC 2003 installation. 
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